intel-k8s-bot
commented
1 year ago Debugging the issue with failed snyk auth (token is not propagated to CI environment)
Closed intel-k8s-bot closed 1 year ago
intel-k8s-bot
commented
1 year ago Debugging the issue with failed snyk auth (token is not propagated to CI environment)
oxxenix
commented
1 year ago The issue with SNYK (Snyk is missing auth token in order to run inside CI. You must include your API token as an environment value: SNYK_TOKEN=12345678) still persists. Repo Secrets are not propagated into CI environment because it is running inside the PR.
From the GitHub documentation: With the exception of GITHUB_TOKEN, secrets are not passed to the runner when a workflow is triggered from a forked repository https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflows-in-forked-repositories
We can test it using another event called pull_request_target. Details are here: https://gist.github.com/fidencio/57960a11a0f7669e0b9c4a823d5503e5
You have successfully added a new CodeQL configuration
.github/workflows/ci.yml:codeQL. As part of the setup process, we have scanned this repository and found 1 existing alert. Please check the repository Security tab to see all alerts.